RFR: 8284694: Avoid evaluating SSLAlgorithmConstraints twice [v2]
Daniel Jeliński
djelinski at openjdk.java.net
Thu Apr 14 15:45:50 UTC 2022
On Thu, 14 Apr 2022 14:58:24 GMT, Xue-Lei Andrew Fan <xuelei at openjdk.org> wrote:
>> src/java.base/share/classes/sun/security/ssl/SSLAlgorithmConstraints.java line 73:
>>
>>> 71:
>>> 72: static AlgorithmConstraints wrap(AlgorithmConstraints userSpecifiedConstraints) {
>>> 73: if (userSpecifiedConstraints == DEFAULT) {
>>
>> Maybe, DEFAULT could be returned for null userSpecifiedConstraints.
>>
>>
>> - if (userSpecifiedConstraints == DEFAULT) {
>> + if (userSpecifiedConstraints == null &&
>> + userSpecifiedConstraints== DEFAULT) {
>
>> @XueleiFan did you mean `||` (not `&&`) ?
>
> Thank you @dfuch. Yes, it should be "||".
as of today, this method is never called with a `null` argument (`SSLConfiguration#userSpecifiedAlgorithmConstraints` is initialized to `DEFAULT` and cannot be reset to `null`), but I can add a null check for future-proofing.
-------------
PR: https://git.openjdk.java.net/jdk/pull/8199
More information about the security-dev
mailing list